Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aPxTZ8mfqGaN-ZJ2QYOft8ADCW0.roa
File: aPxTZ8mfqGaN-ZJ2QYOft8ADCW0.roa (raw, json)
Hash identifier: UldReywctRXrgFuGYqhmFprjqNz6tSz+NgpRRV17yUE=
Subject key identifier: 68:FC:53:67:C9:9F:A8:66:8D:F9:92:76:41:83:9F:B7:C0:03:09:6D
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01856F797C9BD6E2BA040594A0E47208C518
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aPxTZ8mfqGaN-ZJ2QYOft8ADCW0.roa
Signing time: Sun 01 Jan 2023 22:35:10 +0000
ROA not before: Sun 01 Jan 2023 22:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39351
IP address blocks: 45.92.231.0/24 maxlen: 24
45.130.118.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:7c:9b:d6:e2:ba:04:05:94:a0:e4:72:08:c5:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 1 22:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68fc5367c99fa8668df9927641839fb7c003096d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c1:e8:c0:ed:9c:73:30:bf:ff:32:e2:ce:fd:
2c:76:a6:4f:58:17:f4:73:2c:96:62:b0:f9:db:69:
28:6b:6a:1e:8d:92:80:56:23:01:e1:6d:84:b3:d5:
7a:50:f4:c2:df:10:e8:4e:21:27:a1:d7:24:3e:74:
57:0e:aa:35:85:64:04:97:1f:35:49:bf:8e:7a:02:
b0:58:ab:25:a7:e9:1d:e5:8b:3e:ec:32:37:65:1d:
53:0d:03:2e:0b:6a:a5:3d:99:96:6c:fb:8d:3e:53:
78:d6:d7:b9:20:62:1d:fb:e4:d5:e6:74:af:42:cb:
de:72:8d:dd:e4:d4:7b:54:d3:6f:f4:0c:fd:72:6e:
bb:95:52:48:a3:e9:63:22:1b:c6:b9:12:9e:76:c0:
e0:bc:83:87:10:62:16:52:a2:5f:e2:fa:92:6d:4f:
ad:73:2a:a1:20:01:c8:a1:a5:9b:a8:04:39:b3:3a:
00:91:41:8a:57:58:e8:aa:94:80:c0:a7:04:ea:f9:
ab:b2:74:3a:93:94:f7:45:57:d5:67:d6:c3:24:3b:
d5:d2:cc:1c:ef:ae:fe:85:92:61:f4:53:f2:4d:f8:
49:fc:3e:7b:77:d7:61:3b:8e:4a:af:50:75:fc:1e:
e7:1b:56:72:03:e0:66:1c:67:f6:0b:08:13:5a:da:
b3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FC:53:67:C9:9F:A8:66:8D:F9:92:76:41:83:9F:B7:C0:03:09:6D
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/aPxTZ8mfqGaN-ZJ2QYOft8ADCW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.231.0/24
45.130.118.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
ba:0a:a8:68:58:b2:8b:7d:ec:1d:c7:f0:3f:d3:1a:22:24:ca:
a1:19:21:03:e5:e1:f0:e9:df:5b:f6:0d:3a:78:3d:a9:d9:f3:
0d:b1:dd:72:bd:44:c0:11:f5:39:01:15:44:eb:14:d5:87:73:
34:e7:ac:30:36:ca:79:ec:02:93:ac:f8:2d:85:1d:fa:74:aa:
60:67:2d:a7:38:8b:04:dd:ed:0b:09:95:c3:9d:c2:9a:07:d3:
85:ea:e6:65:69:ae:0f:7a:f6:45:b9:f3:9c:9e:40:be:2a:64:
c2:5b:25:32:36:5a:5d:82:51:89:3d:78:76:99:43:a7:01:d5:
8d:69:80:1c:9b:2f:84:8d:97:3d:cf:6e:f1:a3:ba:61:81:c3:
a3:61:bc:8e:b0:60:f1:27:11:cd:71:48:de:71:c4:ad:4c:75:
8c:0b:1a:94:fa:52:28:0b:5c:3a:ef:05:5e:1c:13:cd:a8:0c:
9e:fa:cc:f5:af:e9:5c:71:79:db:56:8a:39:0e:30:f9:fa:c3:
69:fa:50:d8:2a:16:ab:47:bf:69:30:6c:85:a3:89:67:8d:fc:
40:a7:e3:ed:fb:91:7f:bc:74:da:f1:e1:02:1b:76:b1:35:f3:
35:ef:77:95:00:e4:3d:c8:b8:7b:11:ab:0b:7b:ac:86:75:d8:
24:8c:a7:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVveXyb1uK6BAWUoORyCMUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMwMTAxMjIzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZjNTM2N2M5OWZhODY2OGRmOTkyNzY0MTgzOWZiN2MwMDMwOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsHowO2cczC//zLizv0sdqZPWBf0
cyyWYrD522koa2oejZKAViMB4W2Es9V6UPTC3xDoTiEnodckPnRXDqo1hWQElx81
Sb+OegKwWKslp+kd5Ys+7DI3ZR1TDQMuC2qlPZmWbPuNPlN41te5IGId++TV5nSv
Qsveco3d5NR7VNNv9Az9cm67lVJIo+ljIhvGuRKedsDgvIOHEGIWUqJf4vqSbU+t
cyqhIAHIoaWbqAQ5szoAkUGKV1joqpSAwKcE6vmrsnQ6k5T3RVfVZ9bDJDvV0swc
767+hZJh9FPyTfhJ/D57d9dhO45Kr1B1/B7nG1ZyA+BmHGf2CwgTWtqzJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGj8U2fJn6hmjfmSdkGDn7fAAwltMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYVB4VFo4bWZxR2FOLVpKMlFZT2Z0OEFEQ1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALVznAwQA
LYJ2MA0EAgACMAcDBQEqB+NAMA0GCSqGSIb3DQEBCwUAA4IBAQC6CqhoWLKLfewd
x/A/0xoiJMqhGSED5eHw6d9b9g06eD2p2fMNsd1yvUTAEfU5ARVE6xTVh3M056ww
Nsp57AKTrPgthR36dKpgZy2nOIsE3e0LCZXDncKaB9OF6uZlaa4PevZFufOcnkC+
KmTCWyUyNlpdglGJPXh2mUOnAdWNaYAcmy+EjZc9z27xo7phgcOjYbyOsGDxJxHN
cUjeccStTHWMCxqU+lIoC1w67wVeHBPNqAye+sz1r+lccXnbVoo5DjD5+sNp+lDY
KharR79pMGyFo4lnjfxAp+Pt+5F/vHTa8eECG3axNfM173eVAOQ9yLh7EasLe6yG
ddgkjKeS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-fra.rpki-client.org